Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/6378bb-52ce-46af-959c-a9054928b544/1/Wh6JQzTaaU1ksIyyxLnjWBxZDG8.roa
File: Wh6JQzTaaU1ksIyyxLnjWBxZDG8.roa (raw, json)
Hash identifier: 55ky0Uiwviwh5+7rdD8iLquSLAPvS6ICHrn6vVGr5GI=
Subject key identifier: 5A:1E:89:43:34:DA:69:4D:64:B0:8C:B2:C4:B9:E3:58:1C:59:0C:6F
Certificate issuer: /CN=f6450d2d0213ee4c9f3181efeeb2d663fe0d365b
Certificate serial: 018A464866811CF3672B96DA20947CCD612A
Authority key identifier: F6:45:0D:2D:02:13:EE:4C:9F:31:81:EF:EE:B2:D6:63:FE:0D:36:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9kUNLQIT7kyfMYHv7rLWY_4NNls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/6378bb-52ce-46af-959c-a9054928b544/1/Wh6JQzTaaU1ksIyyxLnjWBxZDG8.roa
Signing time: Wed 30 Aug 2023 11:51:04 +0000
ROA not before: Wed 30 Aug 2023 11:51:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202044
IP address blocks: 2a13:b9c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:48:66:81:1c:f3:67:2b:96:da:20:94:7c:cd:61:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6450d2d0213ee4c9f3181efeeb2d663fe0d365b
Validity
Not Before: Aug 30 11:51:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a1e894334da694d64b08cb2c4b9e3581c590c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:56:d5:90:f9:79:a2:0d:e8:f5:b9:dc:93:d6:
f8:30:e0:5b:5d:e2:29:1d:4d:f8:2b:c2:c2:9f:b6:
23:7c:c7:99:96:ca:4a:74:45:1b:ac:a4:82:10:eb:
f8:60:d8:7b:9f:e7:af:61:54:e7:5b:37:2d:2c:c9:
5c:e3:ae:89:be:4f:8d:28:41:a8:fa:96:ed:c9:51:
71:87:9e:9d:6f:99:b0:1c:50:fa:3b:39:5e:be:f6:
b8:a4:66:43:82:c4:06:27:7c:3b:d4:a6:9f:a3:44:
e6:29:5a:33:31:4a:2d:b3:77:b1:f1:b8:7e:48:04:
a2:8c:b5:10:1b:48:04:55:7f:1e:6d:68:71:e3:52:
88:a3:8d:24:dc:25:ed:14:0a:3c:44:9a:62:21:38:
5b:21:f1:8f:88:35:a1:2b:d1:17:de:46:35:19:ce:
7e:fd:ec:55:39:22:b3:32:c0:ff:da:58:5c:43:6d:
1f:e7:37:8d:58:e4:38:d1:fc:51:4a:64:74:f4:1e:
a0:d6:da:e5:45:6e:dd:1f:65:b9:9b:ac:1b:49:15:
12:87:25:db:2c:62:12:97:c9:a0:5c:5d:ff:4d:74:
ac:2e:8c:f2:89:f2:5f:a8:c6:64:2a:01:b3:4e:5d:
5e:ac:dc:39:30:c1:1f:95:e2:5d:2a:15:b4:6c:46:
f9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1E:89:43:34:DA:69:4D:64:B0:8C:B2:C4:B9:E3:58:1C:59:0C:6F
X509v3 Authority Key Identifier:
keyid:F6:45:0D:2D:02:13:EE:4C:9F:31:81:EF:EE:B2:D6:63:FE:0D:36:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kUNLQIT7kyfMYHv7rLWY_4NNls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/6378bb-52ce-46af-959c-a9054928b544/1/Wh6JQzTaaU1ksIyyxLnjWBxZDG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/6378bb-52ce-46af-959c-a9054928b544/1/9kUNLQIT7kyfMYHv7rLWY_4NNls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b9c0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:f7:3d:ec:7b:c2:51:57:6c:86:10:b1:da:0d:82:bf:5d:50:
f3:c6:c4:e0:cc:96:98:dc:84:79:73:ab:43:da:04:3b:dd:1c:
cb:9f:8f:09:64:92:17:76:70:39:8c:f4:32:c9:e2:69:dc:9f:
34:58:cf:ee:ee:6b:96:dd:3b:35:12:f4:15:5e:aa:2c:e8:45:
af:bb:42:fc:cb:a1:30:4d:ff:59:05:9c:75:84:07:26:82:61:
dc:40:33:cd:65:b0:28:81:54:e8:62:a6:66:47:32:e8:d6:de:
39:d1:7b:cf:72:75:2c:34:a2:ae:cb:f0:24:64:b1:37:dc:2a:
be:44:2e:b3:52:9c:dc:88:7e:e3:14:30:f3:ba:ae:c9:3b:ab:
6e:d3:74:0a:39:2f:07:4e:eb:30:25:5f:b1:8f:6b:d6:e2:ca:
45:9f:04:5f:cb:b8:4f:67:5d:36:cb:d4:62:a1:ff:0a:31:9d:
6d:6e:85:86:0b:68:7f:7e:b2:41:29:c1:91:9a:05:29:93:85:
94:77:4c:03:02:a0:f0:ac:c9:13:d1:c3:f7:14:c3:5f:67:73:
78:89:4f:8c:c2:d4:fa:ca:8f:33:6d:c4:1e:99:d0:ca:00:69:
47:1b:95:a7:d8:dc:63:4b:a9:cf:79:6d:df:41:c7:ea:91:4e:
4e:51:97:4e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYpGSGaBHPNnK5baIJR8zWEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDUwZDJkMDIxM2VlNGM5ZjMxODFlZmVlYjJkNjYzZmUw
ZDM2NWIwHhcNMjMwODMwMTE1MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFlODk0MzM0ZGE2OTRkNjRiMDhjYjJjNGI5ZTM1ODFjNTkwYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1bVkPl5og3o9bnck9b4MOBbXeIp
HU34K8LCn7YjfMeZlspKdEUbrKSCEOv4YNh7n+evYVTnWzctLMlc466Jvk+NKEGo
+pbtyVFxh56db5mwHFD6Ozlevva4pGZDgsQGJ3w71Kafo0TmKVozMUots3ex8bh+
SASijLUQG0gEVX8ebWhx41KIo40k3CXtFAo8RJpiIThbIfGPiDWhK9EX3kY1Gc5+
/exVOSKzMsD/2lhcQ20f5zeNWOQ40fxRSmR09B6g1trlRW7dH2W5m6wbSRUShyXb
LGISl8mgXF3/TXSsLozyifJfqMZkKgGzTl1erNw5MMEfleJdKhW0bEb5ywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFoeiUM02mlNZLCMssS541gcWQxvMB8GA1UdIwQY
MBaAFPZFDS0CE+5MnzGB7+6y1mP+DTZbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtVTkxRSVQ3a3lmTVlIdjdyTFdZXzROTmxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS82Mzc4YmItNTJjZS00NmFmLTk1OWMt
YTkwNTQ5MjhiNTQ0LzEvV2g2SlF6VGFhVTFrc0l5eXhMbmpXQnhaREc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS82Mzc4YmItNTJjZS00NmFmLTk1OWMtYTkwNTQ5MjhiNTQ0
LzEvOWtVTkxRSVQ3a3lmTVlIdjdyTFdZXzROTmxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO5wDAN
BgkqhkiG9w0BAQsFAAOCAQEAf/c97HvCUVdshhCx2g2Cv11Q88bE4MyWmNyEeXOr
Q9oEO90cy5+PCWSSF3ZwOYz0MsniadyfNFjP7u5rlt07NRL0FV6qLOhFr7tC/Muh
ME3/WQWcdYQHJoJh3EAzzWWwKIFU6GKmZkcy6NbeOdF7z3J1LDSirsvwJGSxN9wq
vkQus1Kc3Ih+4xQw87quyTurbtN0CjkvB07rMCVfsY9r1uLKRZ8EX8u4T2ddNsvU
YqH/CjGdbW6Fhgtof36yQSnBkZoFKZOFlHdMAwKg8KzJE9HD9xTDX2dzeIlPjMLU
+sqPM23EHpnQygBpRxuVp9jcY0upz3lt30HH6pFOTlGXTg==
-----END CERTIFICATE-----
Generated at Thu Oct 26 08:31:45 2023 by rpki-client on console-ams.rpki-client.org